File openssl-fips__0040_use_fipscheck_internal.diff of Package compat-openssl098.16428
diff -rNU 20 ../openssl-0.9.8j-o/Makefile.org ./Makefile.org
--- ../openssl-0.9.8j-o/Makefile.org 2011-08-09 14:10:24.000000000 +0200
+++ ./Makefile.org 2011-08-09 14:14:42.000000000 +0200
@@ -339,67 +339,62 @@
@dir=engines; target=all; $(BUILD_ONE_CMD)
build_apps:
@dir=apps; target=all; $(BUILD_ONE_CMD)
build_tests:
@dir=test; target=all; $(BUILD_ONE_CMD)
build_tools:
@dir=tools; target=all; $(BUILD_ONE_CMD)
all_testapps: build_libs build_testapps
build_testapps:
@dir=crypto; target=testapps; $(BUILD_ONE_CMD)
build_shared: $(SHARED_LIBS)
libcrypto$(SHLIB_EXT): libcrypto.a $(SHARED_FIPS)
@if [ "$(SHLIB_TARGET)" != "" ]; then \
if [ "$(FIPSCANLIB)" = "libfips" ]; then \
$(ARD) libcrypto.a fipscanister.o ; \
$(MAKE) SHLIBDIRS='crypto' SHLIBDEPS='-lfips' build-shared; \
$(AR) libcrypto.a fips/fipscanister.o ; \
else \
- if [ "$(FIPSCANLIB)" = "libcrypto" ]; then \
- FIPSLD_CC=$(CC); CC=fips/fipsld; \
- export CC FIPSLD_CC; \
- fi; \
$(MAKE) -e SHLIBDIRS='crypto' build-shared; \
fi \
else \
echo "There's no support for shared libraries on this platform" >&2; \
exit 1; \
fi
libssl$(SHLIB_EXT): libcrypto$(SHLIB_EXT) libssl.a
@if [ "$(SHLIB_TARGET)" != "" ]; then \
shlibdeps=-lcrypto; \
[ "$(FIPSCANLIB)" = "libfips" ] && shlibdeps="$$shlibdeps -lfips"; \
$(MAKE) SHLIBDIRS=ssl SHLIBDEPS="$$shlibdeps" build-shared; \
else \
echo "There's no support for shared libraries on this platform" >&2 ; \
exit 1; \
fi
fips/fipscanister.o: build_fips
libfips$(SHLIB_EXT): fips/fipscanister.o
@if [ "$(SHLIB_TARGET)" != "" ]; then \
- FIPSLD_CC=$(CC); CC=fips/fipsld; export CC FIPSLD_CC; \
$(MAKE) -f Makefile.shared -e $(BUILDENV) \
- CC="$${CC}" LIBNAME=fips THIS=$@ \
+ CC=$(CC) LIBNAME=fips THIS=$@ \
LIBEXTRAS=fips/fipscanister.o \
LIBDEPS="$(EX_LIBS)" \
LIBVERSION=${SHLIB_MAJOR}.${SHLIB_MINOR} \
link_o.$(SHLIB_TARGET) || { rm -f $@; exit 1; } \
else \
echo "There's no support for shared libraries on this platform" >&2; \
exit 1; \
fi
libfips.a:
dir=fips; target=all; $(BUILD_ONE_CMD)
clean-shared:
@set -e; for i in $(SHLIBDIRS); do \
if [ -n "$(SHARED_LIBS_LINK_EXTS)" ]; then \
tmp="$(SHARED_LIBS_LINK_EXTS)"; \
for j in $${tmp:-x}; do \
( set -x; rm -f lib$$i$$j ); \
done; \
fi; \
diff -rNU 20 ../openssl-0.9.8j-o/apps/Makefile ./apps/Makefile
--- ../openssl-0.9.8j-o/apps/Makefile 2011-08-09 14:10:24.000000000 +0200
+++ ./apps/Makefile 2011-08-09 14:14:42.000000000 +0200
@@ -135,42 +135,40 @@
fi
dclean:
$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
mv -f Makefile.new $(MAKEFILE)
clean:
rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff $(EXE)
rm -f req
$(DLIBSSL):
(cd ..; $(MAKE) DIRS=ssl all)
$(DLIBCRYPTO):
(cd ..; $(MAKE) DIRS=crypto all)
$(EXE): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL)
$(RM) $(EXE)
shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
shlib_target="$(SHLIB_TARGET)"; \
- elif [ -n "$(FIPSCANLIB)" ]; then \
- FIPSLD_CC=$(CC); CC=$(TOP)/fips/fipsld; export CC FIPSLD_CC; \
fi; \
LIBRARIES="$(LIBSSL) $(LIBKRB5) $(LIBCRYPTO)" ; \
[ "x$(FIPSCANLIB)" = "xlibfips" ] && LIBRARIES="$$LIBRARIES -lfips"; \
$(MAKE) -f $(TOP)/Makefile.shared -e \
CC="$${CC}" APPNAME=$(EXE) OBJECTS="$(PROGRAM).o $(E_OBJ)" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
link_app.$${shlib_target}
-(cd ..; \
OPENSSL="`pwd`/util/opensslwrap.sh"; export OPENSSL; \
$(PERL) tools/c_rehash certs)
progs.h: progs.pl
$(PERL) progs.pl $(E_EXE) >progs.h
$(RM) $(PROGRAM).o
# DO NOT DELETE THIS LINE -- make depend depends on it.
app_rand.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
app_rand.o: ../include/openssl/buffer.h ../include/openssl/conf.h
app_rand.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h
diff -rNU 20 ../openssl-0.9.8j-o/fips/Makefile ./fips/Makefile
--- ../openssl-0.9.8j-o/fips/Makefile 2008-09-23 13:21:17.000000000 +0200
+++ ./fips/Makefile 2011-08-09 14:14:42.000000000 +0200
@@ -45,43 +45,43 @@
LIBOBJ=fips.o
FIPS_OBJ_LISTS=sha/lib hmac/lib rand/lib des/lib aes/lib dsa/lib rsa/lib dh/lib
SRC= $(LIBSRC)
EXHEADER=fips.h
HEADER=$(EXHEADER) fips_utl.h fips_locl.h
EXE=fipsld
ALL= $(GENERAL) $(SRC) $(HEADER)
top:
@(cd ..; $(MAKE) DIRS=$(DIR) all)
testapps:
@if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
all:
@if [ -z "$(FIPSLIBDIR)" ]; then \
- $(MAKE) -e subdirs lib fips_premain_dso$(EXE_EXT); \
+ $(MAKE) -e subdirs lib; \
else \
- $(MAKE) -e lib fips_premain_dso$(EXE_EXT) fips_standalone_sha1$(EXE_EXT); \
+ $(MAKE) -e lib; \
fi
# Idea behind fipscanister.o is to "seize" the sequestered code between
# known symbols for fingerprinting purposes, which would be commonly
# done with ld -r start.o ... end.o. The latter however presents a minor
# challenge on multi-ABI platforms. As just implied, we'd rather use ld,
# but the trouble is that we don't generally know how ABI-selection
# compiler flag is translated to corresponding linker flag. All compiler
# drivers seem to recognize -r flag and pass it down to linker, but some
# of them, including gcc, erroneously add -lc, as well as run-time
# components, such as crt1.o and alike. Fortunately among those vendor
# compilers which were observed to misinterpret -r flag multi-ABI ones
# are equipped with smart linkers, which don't require any ABI-selection
# flag and simply assume that all objects are of the same type as first
# one in command line. So the idea is to identify gcc and deficient
# vendor compiler drivers...
fipscanister.o: fips_start.o $(LIBOBJ) $(FIPS_OBJ_LISTS) fips_end.o
FIPS_ASM=""; \
list="$(BN_ASM)"; for i in $$list; do FIPS_ASM="$$FIPS_ASM ../crypto/bn/$$i" ; done; \
@@ -92,114 +92,125 @@
CPUID=../crypto/$(CPUID_OBJ) ; \
else \
CPUID="" ; \
fi ; \
objs="fips_start.o $(LIBOBJ) $(FIPS_EX_OBJ) $$CPUID $$FIPS_ASM"; \
for i in $(FIPS_OBJ_LISTS); do \
dir=`dirname $$i`; script="s|^|$$dir/|;s| | $$dir/|g"; \
objs="$$objs `sed "$$script" $$i`"; \
done; \
objs="$$objs fips_end.o" ; \
os="`(uname -s) 2>/dev/null`"; cflags="$(CFLAGS)"; \
[ "$$os" = "AIX" ] && cflags="$$cflags -Wl,-bnoobjreorder"; \
if [ -n "${FIPS_SITE_LD}" ]; then \
set -x; ${FIPS_SITE_LD} -r -o $@ $$objs; \
elif $(CC) -dumpversion >/dev/null 2>&1; then \
set -x; $(CC) $$cflags -r -nostdlib -o $@ $$objs ; \
else case "$$os" in \
HP-UX|OSF1|SunOS) set -x; /usr/ccs/bin/ld -r -o $@ $$objs ;; \
*) set -x; $(CC) $$cflags -r -o $@ $$objs ;; \
esac fi
- ./fips_standalone_sha1 fipscanister.o > fipscanister.o.sha1
# If another exception is immediately required, assign approprite
# site-specific ld command to FIPS_SITE_LD environment variable.
fips_start.o: fips_canister.c
$(CC) $(CFLAGS) -DFIPS_START -c -o $@ fips_canister.c
fips_end.o: fips_canister.c
$(CC) $(CFLAGS) -DFIPS_END -c -o $@ fips_canister.c
fips_premain_dso$(EXE_EXT): fips_premain.c
$(CC) $(CFLAGS) -DFINGERPRINT_PREMAIN_DSO_LOAD -o $@ fips_premain.c \
$(FIPSLIBDIR)fipscanister.o ../libcrypto.a $(EX_LIBS)
# this is executed only when linking with external fipscanister.o
fips_standalone_sha1$(EXE_EXT): sha/fips_standalone_sha1.c
$(CC) $(CFLAGS) -DFIPSCANISTER_O -o $@ sha/fips_standalone_sha1.c $(FIPSLIBDIR)fipscanister.o
subdirs:
@target=all; $(RECURSIVE_MAKE)
files:
$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
@target=files; $(RECURSIVE_MAKE)
links:
@$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../test $(TEST)
@target=links; $(RECURSIVE_MAKE)
# lib: and $(LIB): are splitted to avoid end-less loop
lib: $(LIB)
if [ "$(FIPSCANISTERINTERNAL)" = "n" -a -n "$(FIPSCANLOC)" ]; then $(AR) ../$(FIPSCANLIB).a $(FIPSCANLOC); fi
@touch lib
-$(LIB): $(FIPSLIBDIR)fipscanister.o
- $(AR) $(LIB) $(FIPSLIBDIR)fipscanister.o
+$(LIB): $(LIBOBJ) $(FIPS_OBJ_LISTS)
+ FIPS_ASM=""; \
+ list="$(BN_ASM)"; for i in $$list; do FIPS_ASM="$$FIPS_ASM ../crypto/bn/$$i" ; done; \
+ list="$(AES_ASM_OBJ)"; for i in $$list; do FIPS_ASM="$$FIPS_ASM ../crypto/aes/$$i" ; done; \
+ list="$(DES_ENC)"; for i in $$list; do FIPS_ASM="$$FIPS_ASM ../crypto/des/$$i" ; done; \
+ list="$(SHA1_ASM_OBJ)"; for i in $$list; do FIPS_ASM="$$FIPS_ASM ../crypto/sha/$$i" ; done; \
+ if [ -n "$(CPUID_OBJ)" ]; then \
+ CPUID=../crypto/$(CPUID_OBJ) ; \
+ else \
+ CPUID="" ; \
+ fi ; \
+ objs="$(LIBOBJ) $(FIPS_EX_OBJ) $$CPUID $$FIPS_ASM"; \
+ for i in $(FIPS_OBJ_LISTS); do \
+ dir=`dirname $$i`; script="s|^|$$dir/|;s| | $$dir/|g"; \
+ objs="$$objs `sed "$$script" $$i`"; \
+ done; \
+ objs="$$objs" ; \
+ $(AR) $(LIB) $$objs
$(RANLIB) $(LIB) || echo Never mind.
$(FIPSCANLIB): $(FIPSCANLOC)
$(AR) ../$(FIPSCANLIB).a $(FIPSCANLOC)
if [ "$(FIPSCANLIB)" = "libfips" ]; then \
$(AR) $(LIB) $(FIPSCANLOC) ; \
$(RANLIB) $(LIB) || echo Never Mind. ; \
fi
$(RANLIB) ../$(FIPSCANLIB).a || echo Never mind.
@touch lib
-shared: lib subdirs fips_premain_dso$(EXE_EXT)
+shared: lib subdirs
libs:
@target=lib; $(RECURSIVE_MAKE)
fips_test: top
@target=fips_test; $(RECURSIVE_MAKE)
fips_test_diff:
@if diff -b -B -I '^\#' -cr -X fips-nodiff.txt $(FIPS_TVDIR) $(FIPS_TVOK) ; then \
echo "FIPS diff OK" ; \
else \
echo "***FIPS DIFF ERROR***" ; exit 1 ; \
fi
install:
@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
@headerlist="$(EXHEADER)"; for i in $$headerlist ;\
do \
(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
done;
@target=install; $(RECURSIVE_MAKE)
- @cp -p -f fipscanister.o fipscanister.o.sha1 fips_premain.c \
- fips_premain.c.sha1 \
- $(INSTALL_PREFIX)$(INSTALLTOP)/lib/; \
- chmod 0444 $(INSTALL_PREFIX)$(INSTALLTOP)/lib/fips*
lint:
@target=lint; $(RECURSIVE_MAKE)
depend:
@[ -z "$(THIS)" ] || $(MAKEDEPEND) -- $(CFLAG) $(INCLUDE) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
@[ -z "$(THIS)" ] || (set -e; target=depend; $(RECURSIVE_MAKE) )
@if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
clean:
rm -f fipscanister.o.sha1 fips_premain_dso$(EXE_EXT) fips_standalone_sha1$(EXE_EXT) \
*.s *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
@target=clean; $(RECURSIVE_MAKE)
dclean:
$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
mv -f Makefile.new $(MAKEFILE)
@target=dclean; $(RECURSIVE_MAKE)
# DO NOT DELETE THIS LINE -- make depend depends on it.
diff -rNU 20 ../openssl-0.9.8j-o/fips/fips.c ./fips/fips.c
--- ../openssl-0.9.8j-o/fips/fips.c 2011-08-09 14:13:55.000000000 +0200
+++ ./fips/fips.c 2011-08-09 14:25:33.000000000 +0200
@@ -30,53 +30,59 @@
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
+#define _GNU_SOURCE
#include <openssl/rand.h>
#include <openssl/fips_rand.h>
#include <openssl/err.h>
#include <openssl/bio.h>
#include <openssl/hmac.h>
#include <openssl/rsa.h>
#include <string.h>
#include <limits.h>
+#include <dlfcn.h>
+#include <stdio.h>
+#include <stdlib.h>
+
#include "fips_locl.h"
#ifdef OPENSSL_FIPS
+
#include <openssl/fips.h>
#ifndef PATH_MAX
#define PATH_MAX 1024
#endif
static int fips_selftest_fail;
static int fips_mode;
static const void *fips_rand_check;
static void fips_set_mode(int onoff)
{
int owning_thread = fips_is_owning_thread();
if (fips_is_started())
{
if (!owning_thread) fips_w_lock();
fips_mode = onoff;
if (!owning_thread) fips_w_unlock();
}
@@ -148,40 +154,41 @@
OpenSSLDie(__FILE__,__LINE__, "FATAL FIPS SELFTEST FAILURE");
}
}
void fips_set_selftest_fail(void)
{
fips_selftest_fail = 1;
}
int FIPS_selftest()
{
return FIPS_selftest_sha1()
&& FIPS_selftest_hmac()
&& FIPS_selftest_aes()
&& FIPS_selftest_des()
&& FIPS_selftest_rsa()
&& FIPS_selftest_dsa();
}
+#if 0
extern const void *FIPS_text_start(), *FIPS_text_end();
extern const unsigned char FIPS_rodata_start[], FIPS_rodata_end[];
unsigned char FIPS_signature [20] = { 0 };
static const char FIPS_hmac_key[]="etaonrishdlcupfm";
unsigned int FIPS_incore_fingerprint(unsigned char *sig,unsigned int len)
{
const unsigned char *p1 = FIPS_text_start();
const unsigned char *p2 = FIPS_text_end();
const unsigned char *p3 = FIPS_rodata_start;
const unsigned char *p4 = FIPS_rodata_end;
HMAC_CTX c;
HMAC_CTX_init(&c);
HMAC_Init(&c,FIPS_hmac_key,strlen(FIPS_hmac_key),EVP_sha1());
/* detect overlapping regions */
if (p1<=p3 && p2>=p3)
p3=p1, p4=p2>p4?p2:p4, p1=NULL, p2=NULL;
else if (p3<=p1 && p4>=p1)
@@ -227,86 +234,290 @@
if (len!=sizeof(FIPS_signature) ||
memcmp(FIPS_signature,sig,sizeof(FIPS_signature)))
{
if (FIPS_signature>=FIPS_rodata_start && FIPS_signature<FIPS_rodata_end)
FIPSerr(FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT,FIPS_R_FINGERPRINT_DOES_NOT_MATCH_SEGMENT_ALIASING);
#if defined(__sgi) && (defined(__mips) || defined(mips))
else if (__dso_displacement!=NULL)
#else
else if (OPENSSL_NONPIC_relocated)
#endif
FIPSerr(FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT,FIPS_R_FINGERPRINT_DOES_NOT_MATCH_NONPIC_RELOCATED);
else
FIPSerr(FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT,FIPS_R_FINGERPRINT_DOES_NOT_MATCH);
return 0;
}
return 1;
}
+#else /* incore_fingerprint */
+
+/* we implement what libfipscheck does ourselves */
+
+static int
+get_library_path(const char *libname, const char *symbolname, char *path, size_t pathlen)
+{
+ Dl_info info;
+ void *dl, *sym;
+ int rv = -1;
+
+ dl = dlopen(libname, RTLD_LAZY);
+ if (dl == NULL) {
+ return -1;
+ }
+
+ sym = dlsym(dl, symbolname);
+
+ if (sym != NULL && dladdr(sym, &info)) {
+ strncpy(path, info.dli_fname, pathlen-1);
+ path[pathlen-1] = '\0';
+ rv = 0;
+ }
+
+ dlclose(dl);
+
+ return rv;
+}
+
+static const char conv[] = "0123456789abcdef";
+
+static char *
+bin2hex(void *buf, size_t len)
+{
+ char *hex, *p;
+ unsigned char *src = buf;
+
+ hex = malloc(len * 2 + 1);
+ if (hex == NULL)
+ return NULL;
+
+ p = hex;
+
+ while (len > 0) {
+ unsigned c;
+
+ c = *src;
+ src++;
+
+ *p = conv[c >> 4];
+ ++p;
+ *p = conv[c & 0x0f];
+ ++p;
+ --len;
+ }
+ *p = '\0';
+ return hex;
+}
+
+#define HMAC_PREFIX "."
+#define HMAC_SUFFIX ".hmac"
+#define READ_BUFFER_LENGTH 16384
+
+static char *
+make_hmac_path(const char *origpath)
+{
+ char *path, *p;
+ const char *fn;
+
+ path = malloc(sizeof(HMAC_PREFIX) + sizeof(HMAC_SUFFIX) + strlen(origpath));
+ if(path == NULL) {
+ return NULL;
+ }
+
+ fn = strrchr(origpath, '/');
+ if (fn == NULL) {
+ fn = origpath;
+ } else {
+ ++fn;
+ }
+
+ strncpy(path, origpath, fn-origpath);
+ p = path + (fn - origpath);
+ p = stpcpy(p, HMAC_PREFIX);
+ p = stpcpy(p, fn);
+ p = stpcpy(p, HMAC_SUFFIX);
+
+ return path;
+}
+
+static const char hmackey[] = "orboDeJITITejsirpADONivirpUkvarP";
+
+static int
+compute_file_hmac(const char *path, void **buf, size_t *hmaclen)
+{
+ FILE *f = NULL;
+ int rv = -1;
+ unsigned char rbuf[READ_BUFFER_LENGTH];
+ size_t len;
+ unsigned int hlen;
+ HMAC_CTX c;
+
+ HMAC_CTX_init(&c);
+
+ f = fopen(path, "r");
+
+ if (f == NULL) {
+ goto end;
+ }
+
+ HMAC_Init(&c, hmackey, sizeof(hmackey)-1, EVP_sha256());
+
+ while ((len=fread(rbuf, 1, sizeof(rbuf), f)) != 0) {
+ HMAC_Update(&c, rbuf, len);
+ }
+
+ len = sizeof(rbuf);
+ /* reuse rbuf for hmac */
+ HMAC_Final(&c, rbuf, &hlen);
+
+ *buf = malloc(hlen);
+ if (*buf == NULL) {
+ goto end;
+ }
+
+ *hmaclen = hlen;
+
+ memcpy(*buf, rbuf, hlen);
+
+ rv = 0;
+end:
+ HMAC_CTX_cleanup(&c);
+
+ if (f)
+ fclose(f);
+
+ return rv;
+}
+
+static int
+FIPSCHECK_verify(const char *libname, const char *symbolname)
+{
+ char path[PATH_MAX+1];
+ int rv;
+ FILE *hf;
+ char *hmacpath, *p;
+ char *hmac = NULL;
+ size_t n;
+
+ rv = get_library_path(libname, symbolname, path, sizeof(path));
+
+ if (rv < 0)
+ return 0;
+
+ hmacpath = make_hmac_path(path);
+
+ hf = fopen(hmacpath, "r");
+ if (hf == NULL) {
+ free(hmacpath);
+ return 0;
+ }
+
+ if (getline(&hmac, &n, hf) > 0) {
+ void *buf;
+ size_t hmaclen;
+ char *hex;
+
+ if ((p=strchr(hmac, '\n')) != NULL)
+ *p = '\0';
+
+ if (compute_file_hmac(path, &buf, &hmaclen) < 0) {
+ rv = -4;
+ goto end;
+ }
+
+ if ((hex=bin2hex(buf, hmaclen)) == NULL) {
+ free(buf);
+ rv = -5;
+ goto end;
+ }
+
+ if (strcmp(hex, hmac) != 0) {
+ rv = -1;
+ }
+ free(buf);
+ free(hex);
+ }
+
+end:
+ free(hmac);
+ free(hmacpath);
+ fclose(hf);
+
+ if (rv < 0)
+ return 0;
+
+ /* check successful */
+ return 1;
+}
+
+#endif
+
+
int FIPS_mode_set(int onoff)
{
int fips_set_owning_thread();
int fips_clear_owning_thread();
int ret = 0;
fips_w_lock();
fips_set_started();
fips_set_owning_thread();
if(onoff)
{
unsigned char buf[48];
fips_selftest_fail = 0;
/* Don't go into FIPS mode twice, just so we can do automagic
seeding */
if(FIPS_mode())
{
FIPSerr(FIPS_F_FIPS_MODE_SET,FIPS_R_FIPS_MODE_ALREADY_SET);
fips_selftest_fail = 1;
ret = 0;
goto end;
}
#ifdef OPENSSL_IA32_SSE2
if ((OPENSSL_ia32cap & (1<<25|1<<26)) != (1<<25|1<<26))
{
FIPSerr(FIPS_F_FIPS_MODE_SET,FIPS_R_UNSUPPORTED_PLATFORM);
fips_selftest_fail = 1;
ret = 0;
goto end;
}
#endif
- if(fips_signature_witness() != FIPS_signature)
+ if(!FIPSCHECK_verify("libcrypto.so.0.9.8","FIPS_mode_set"))
{
- FIPSerr(FIPS_F_FIPS_MODE_SET,FIPS_R_CONTRADICTING_EVIDENCE);
+ FIPSerr(FIPS_F_FIPS_MODE_SET,FIPS_R_FINGERPRINT_DOES_NOT_MATCH);
fips_selftest_fail = 1;
ret = 0;
goto end;
}
- if(!FIPS_check_incore_fingerprint())
+ if(!FIPSCHECK_verify("libssl.so.0.9.8","SSL_CTX_new"))
{
+ FIPSerr(FIPS_F_FIPS_MODE_SET,FIPS_R_FINGERPRINT_DOES_NOT_MATCH);
fips_selftest_fail = 1;
ret = 0;
goto end;
}
/* Perform RNG KAT before seeding */
if (!FIPS_selftest_rng())
{
fips_selftest_fail = 1;
ret = 0;
goto end;
}
/* now switch into FIPS mode */
fips_set_rand_check(FIPS_rand_method());
RAND_set_rand_method(FIPS_rand_method());
/* automagically seed PRNG if not already seeded */
if(!FIPS_rand_status())
{
@@ -388,45 +599,47 @@
return ret;
}
int fips_clear_owning_thread(void)
{
int ret = 0;
if (fips_is_started())
{
CRYPTO_w_lock(CRYPTO_LOCK_FIPS2);
if (fips_thread == CRYPTO_thread_id())
{
fips_thread = 0;
ret = 1;
}
CRYPTO_w_unlock(CRYPTO_LOCK_FIPS2);
}
return ret;
}
+#if 0
unsigned char *fips_signature_witness(void)
{
extern unsigned char FIPS_signature[];
return FIPS_signature;
}
+#endif
/* Generalized public key test routine. Signs and verifies the data
* supplied in tbs using mesage digest md and setting option digest
* flags md_flags. If the 'kat' parameter is not NULL it will
* additionally check the signature matches it: a known answer test
* The string "fail_str" is used for identification purposes in case
* of failure.
*/
int fips_pkey_signature_test(EVP_PKEY *pkey,
const unsigned char *tbs, int tbslen,
const unsigned char *kat, unsigned int katlen,
const EVP_MD *digest, unsigned int md_flags,
const char *fail_str)
{
int ret = 0;
unsigned char sigtmp[256], *sig = sigtmp;
unsigned int siglen;
EVP_MD_CTX mctx;
EVP_MD_CTX_init(&mctx);
diff -rNU 20 ../openssl-0.9.8j-o/fips/fips_locl.h ./fips/fips_locl.h
--- ../openssl-0.9.8j-o/fips/fips_locl.h 2008-09-16 12:12:10.000000000 +0200
+++ ./fips/fips_locl.h 2011-08-09 14:14:42.000000000 +0200
@@ -46,28 +46,30 @@
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifdef OPENSSL_FIPS
#ifdef __cplusplus
extern "C" {
#endif
void fips_w_lock(void);
void fips_w_unlock(void);
void fips_r_lock(void);
void fips_r_unlock(void);
int fips_is_started(void);
void fips_set_started(void);
int fips_is_owning_thread(void);
int fips_set_owning_thread(void);
void fips_set_selftest_fail(void);
int fips_clear_owning_thread(void);
+#if 0
unsigned char *fips_signature_witness(void);
+#endif
#define FIPS_MAX_CIPHER_TEST_SIZE 16
#ifdef __cplusplus
}
#endif
#endif
diff -rNU 20 ../openssl-0.9.8j-o/test/Makefile ./test/Makefile
--- ../openssl-0.9.8j-o/test/Makefile 2011-08-09 14:10:24.000000000 +0200
+++ ./test/Makefile 2011-08-09 14:14:42.000000000 +0200
@@ -384,56 +384,52 @@
$(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO)
@target=$(MD2TEST); $(BUILD_CMD)
$(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO)
@target=$(SHATEST); $(BUILD_CMD)
$(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO)
@target=$(SHA1TEST); $(BUILD_CMD)
$(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO)
@target=$(SHA256TEST); $(BUILD_CMD)
$(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO)
@target=$(SHA512TEST); $(BUILD_CMD)
FIPS_BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
shlib_target="$(SHLIB_TARGET)"; \
fi; \
if [ "$(FIPSCANLIB)" = "libfips" ]; then \
LIBRARIES="-L$(TOP) -lfips"; \
- elif [ -n "$(FIPSCANLIB)" ]; then \
- FIPSLD_CC=$(CC); CC=$(TOP)/fips/fipsld; export CC FIPSLD_CC; \
- LIBRARIES="$${FIPSLIBDIR:-$(TOP)/fips/}fipscanister.o"; \
+ else \
+ LIBRARIES="$(LIBCRYPTO)"; \
fi; \
$(MAKE) -f $(TOP)/Makefile.shared -e \
CC="$${CC}" APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
link_app.$${shlib_target}
FIPS_CRYPTO_BUILD_CMD=shlib_target=; if [ -n "$(SHARED_LIBS)" ]; then \
shlib_target="$(SHLIB_TARGET)"; \
fi; \
LIBRARIES="$(LIBSSL) $(LIBCRYPTO) $(LIBKRB5)"; \
- if [ -z "$(SHARED_LIBS)" -a -n "$(FIPSCANLIB)" ] ; then \
- FIPSLD_CC=$(CC); CC=$(TOP)/fips/fipsld; export CC FIPSLD_CC; \
- fi; \
[ "$(FIPSCANLIB)" = "libfips" ] && LIBRARIES="$$LIBRARIES -lfips"; \
$(MAKE) -f $(TOP)/Makefile.shared -e \
CC="$${CC}" APPNAME=$$target$(EXE_EXT) OBJECTS="$$target.o" \
LIBDEPS="$(PEX_LIBS) $$LIBRARIES $(EX_LIBS)" \
link_app.$${shlib_target}
$(FIPS_SHATEST)$(EXE_EXT): $(FIPS_SHATEST).o $(DLIBCRYPTO)
@target=$(FIPS_SHATEST); $(FIPS_BUILD_CMD)
$(FIPS_AESTEST)$(EXE_EXT): $(FIPS_AESTEST).o $(DLIBCRYPTO)
@target=$(FIPS_AESTEST); $(FIPS_BUILD_CMD)
$(FIPS_DESTEST)$(EXE_EXT): $(FIPS_DESTEST).o $(DLIBCRYPTO)
@target=$(FIPS_DESTEST); $(FIPS_BUILD_CMD)
$(FIPS_HMACTEST)$(EXE_EXT): $(FIPS_HMACTEST).o $(DLIBCRYPTO)
@target=$(FIPS_HMACTEST); $(FIPS_BUILD_CMD)
$(FIPS_RANDTEST)$(EXE_EXT): $(FIPS_RANDTEST).o $(DLIBCRYPTO)
@target=$(FIPS_RANDTEST); $(FIPS_BUILD_CMD)
